The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning city officials about a cyber threat from China against critical infrastructure. CISA Director Jen Easterly testified earlier this year before a House Select Committee.
Easterly said CISA teams have found and eradicated Chinese intrusions in multiple critical infrastructure sectors, including aviation, water, energy, and transportation. “In particular, we have seen Chinese cyber actors, including those known as Volt Typhoon, burrowing deep into our critical infrastructure to enable destructive attacks in the event of a major crisis or conflict,” Easterly said.
“This is a world where a major crisis halfway across the planet could well endanger the lives of Americans here at home through the disruption of our pipelines, the severing of our telecommunications, the pollution of our water facilities, the crippling of our transportation modes, all to ensure that they can incite societal panic and chaos and to deter our ability to marshal military might and civilian will.”
The FBI, CISA, National Security Agency, Environmental Protection Agency (EPA), and the Israel National Cyber Directorate jointly issued a cybersecurity advisory warning that cyber actors designated as terrorist organizations are actively targeting and compromising Israeli-made programmable logic controllers commonly used in the water and wastewater sectors and other industries, including energy.
CISA and several partner agencies released a fact sheet to guide leaders of critical infrastructure entities on prioritizing the protection of those entities and their functions.
“Every victim of a cyber incident should report it to CISA or the FBI every time, knowing that a threat to one is a threat to all, and cybersecurity is national security,” Easterly said. “Every critical infrastructure entity should establish a relationship with their local CISA team and take advantage of our free services, including vulnerability scanning, to ensure they can identify and prevent the vulnerabilities that the Chinese cyber actors are using.”
Report cyber incidents to CISA’s 24/7 operations center, call 888.282.0870, or contact Lawrenceburg, Kentucky-based Region 4 Emergency Communications Coordinator Derek Nesselrode.